Network Ports: 6 GbE LANs – High network port density provides the performance and operational flexibility and redundancy required to secure a high-availability network infrastructure, along with economies of scale needed by large companies, enterprise, data centers, and service providers.

Iron Networks Oneface Management System Features

Appliance Recovery and Remote Management System (ARRMS™) provides offline and online remote system management and maintenance to the appliance hardware and software image.

ARRMS operating environment functions completely independently of the main appliance hardware and software environment. The appliance can boot into "maintenance mode" where the administrator has full BIOS-level access to the hardware and software environments, even with the appliance operating system shutdown or the hardware powered off.

System image backup, restore and "Bare-Metal" recovery. Backup any number of system image to local disk partition, removable media or a network target, such images than can be used for a quick restore to "last good known state".

Iron Networks delivers Integrated Appliance "Turnkey" Solutions

Integrated Security Audits: Iron Networks appliance systems are built with security best practices in mind. Various software add-ons, hardware components and system configurations will change a system profile; each of image versions is systematically packaged, tested for reliability and receives complete security audit on an ongoing basis by our security system experts.

An ISO 9001:2000 Certified Quality: The Net-Gateway series product line is the most integrated Microsoft Forefront network security appliances on the market. Unlike alternatives that are simply based on proprietary or general-purpose server hardware, our appliances are designed for highest reliability, optimized for maximum performance, and manufactured to exact quality specifications. Network edge security is a critical business function, trust Iron Networks to deliver reliable and comprehensive solutions, support and services.

Forefront TMG Features

Learn about the features and benefits of Microsoft Forefront Threat Management Gateway 2010 (TMG), which is designed to provide a comprehensive, secure Web gateway that helps protect employees from Web-based threats.

Feature Highlight: HTTPS Inspection

By inspecting within these encrypted sessions, Forefront TMG can both detect possible malware as well as limit employee Web usage to approved sites. Sensitive sites, such as banking sites, can be excluded from inspection.

Inbound and outbound Web traffic is inspected for viruses and malware, including archived folders. Encrypted folders can be blocked. For large files, users are trickled the file to assure them the file is being downloaded.

E-mail security

Forefront TMG provides central management for Exchange and Forefront Protection 2010 for Exchange when located on the same server. Forefront TMG does not include either Exchange or Forefront Protection 2010 for Exchange. Both must be purchased and installed separately.

HTTPS inspection

HTTPS-encrypted sessions can be inspected for malware or exploits. Specific groups of sites—such as banking sites—can be excluded from inspection for privacy reasons. Users of the TMG Firewall Client can be notified of the inspection.

Network Inspection System (NIS)

Traffic can be inspected for exploits of Microsoft vulnerabilities. Based on protocol analysis, NIS enables blocking of classes of attacks while minimizing false positives. Protections can be updated as needed.

Enhanced Network Address Translation (NAT)

Forefront TMG now enables you to specify individual e-mail servers that can be published on a 1-to-1 NAT basis.

Enhanced Voice over IP support

Forefront TMG includes SIP traversal, enabling simpler deployment of Voice over IP within the network.

Forefront TMG allow users to access a group of published Web sites without being required to authenticate with each Web site.

Delegation of basic authentication

Forefront TMG helps protect published Web sites from unauthenticated access by requiring the Forefront TMG firewall to authenticate the user before the connection is forwarded to the published Web site. This prevents exploits from unauthenticated users from reaching the published Web server.

Link translation to internal servers

Forefront TMG includes a link translation feature that you can use to create a dictionary of definitions for internal computer names that map to publicly known names.

Implements link translation automatically during Web publishing.

SSL bridging support

To guard against embedded attacks in HTTP traffic, SSL bridging allows SSL protected packets to be decrypted by Forefront TMG, inspected, and re-encrypted.

Virtual Private Networks

Feature

Description

Site-to-site VPN

Forefront TMG enables quick connectivity between sites via wizard-based approach. Also can be configured for tunnel-mode IPSec for support of third party devices.

Networking and Performance

You may configure one or more networks, each with distinct relationships to other networks. Access policies are defined relative to the networks and not necessarily relative to a specific internal network. Forefront TMG extends the firewall and security features to apply to traffic between any networks or network objects.

Caching

Forefront TMG provides caching to improve user experience and reduce bandwidth costs. With the centralized cache rule mechanism of Forefront TMG, you can configure how objects stored in the cache are retrieved and served from the cache.

Background Intelligent Transfer Service (BITS) caching

Forefront TMG provides the caching mechanism for data received through BITS. Any cache rule that you create can be enabled to cache BITS data.

HTTP compression

You can reduce file size by using algorithms to eliminate redundant data during transmission of HTTP packets.

Diffserv (Quality of Service)

Forefront TMG includes packet prioritization functionality (provided by the Diffserv Web filter), which scans the URL or domain and assigns a packet priority using Diffserv bits.

Iron Networks powered system and hardware management software provides a complete integrated solution for Microsoft Forefront Threat Management Gateway (TMG) and Unified Access Gateway (UAG) and Direct Access (DA) edge security software suites. We have net Gateway models that can be deployed either as standalone units, or as fully redundant, highly available arrays. Our standard business edition appliances are deployed as a standalone device and enterprise edition appliances can be deployed as a standalone device or high-availability (HA) devices with network load balancing (NLB) in a large clustered array for optimal service resiliency.

Purpose-Built for Optimum Performance and System Reliability

Iron Networks offers a wide range of hardware configurations, each of the models are pre-configured with most optimized hardware components and system management tools to meet our customers unique business requirements. Configurations are fine tuned to deliver various levels of system performance, capacity, scalability and availability required to meet the requirements of small to large size business, small to large size enterprise and branch offices.

The Net-Gateway Platform Appliance Advantage

Each security appliance has various software and hardware components installed and integrated. This configuration is then carefully tuned and hardened to maximize the security posture of each system. This hardening is exhaustive, costly and difficult to provide in general IT hardware and software only implementations, but imperative on edge security devices.

Iron Networks has the lowest total cost of ownership as compared to traditional software alternatives. The Iron Networks appliance-based architecture eliminates many of the costs of traditional systems management including software and hardware procurement, installation, off-site training, and the resources required for ongoing upgrades, system maintenance and technical support. Our appliance advantage offers security hardened configurations for smooth “Out-Of-the-Box” experience.

Iron Networks delivers Integrated “Turnkey” Appliance Solutions:

Iron Networks Networks, an ISO 9001:2000 company, is a provider of mission critical network edge security infrastructure solutions. Unlike alternatives that are simply based on proprietary or general-purpose server hardware, our appliances are designed for highest reliability, optimized for maximum performance, and manufactured to exact quality specifications. You can trust Iron Networks Net-Gateway appliances to deliver the most reliable and comprehensive Forefront solutions.

2. Securely Publishing Your Content for Remote Access

Businesses need to provide employees and partners with secure and appropriate remote access to applications, documents, and data from any PC or device.

TMG Server 2010 Appliance (nTMG or nTMGE Series) enables organizations to make their Exchange, SharePoint, and other Web application servers accessible in a more secure way to remote users outside the corporate network. By pre-authenticating users before they gain access to any published servers, inspecting even encrypted traffic at the application layer in a stateful manner, and providing automated publishing tools, TMG Server 2010 Appliance (nTMG or nTMGE Series) makes it easier to provide security for corporate applications accessed over the Internet. Read more about Secure Remote Access with TMG Server 2010 Appliance (nTMG or nTMGE Series).

Iron Networks is an OEM provider of software-defined converged network, compute & storage virtualization infrastructure platforms for cloud-optimized modern data centers. The IronPOD solutions are OpenStack, VMWare and Microsoft Fast-Track validated turnkey cloud and storage building blocks, built on industry standard commodity hardware, quick to deploy at large-scale and easy to distribute as a single low-cost rack level SKU. IronPOD enterprise level support services and systems are available via qualified partners globally to help enterprises efficiently build private cloud environments, and service providers build public cloud offerings.